define user roles

2024-09-20 15:26:04 +08:00 · 2024-05-22 08:51:55 +05:30 · 2024-05-22 08:51:55 +05:30 · 33375bba0f
parent 7e0be14892
commit 33375bba0f
2 changed files with 70 additions and 4 deletions
--- a/logic/user_mgmt.go
+++ b/logic/user_mgmt.go
@ -1 +1,52 @@
 package logic
+
+import (
+	"encoding/json"
+
+	"github.com/gravitl/netmaker/database"
+	"github.com/gravitl/netmaker/models"
+)
+
+// Pre-Define Permission Templates for default Roles
+var SuperAdminPermissionTemplate = models.UserPermissionTemplate{
+	ID:      models.SuperAdminRole,
+	Default: true,
+	DashBoardAcls: models.DashboardAccessControls{
+		FullAccess: true,
+	},
+}
+var AdminPermissionTemplate = models.UserPermissionTemplate{
+	ID:      models.AdminRole,
+	Default: true,
+	DashBoardAcls: models.DashboardAccessControls{
+		FullAccess: true,
+	},
+}
+
+var NetworkAdminPermissionTemplate = models.UserPermissionTemplate{
+	ID:      models.NetworkAdmin,
+	Default: true,
+	DashBoardAcls: models.DashboardAccessControls{
+		NetworkLevelAccess: make(map[models.NetworkID]models.NetworkAccessControls),
+	},
+}
+
+var NetworkUserPermissionTemplate = models.UserPermissionTemplate{
+	ID:      models.NetworkUser,
+	Default: true,
+	DashBoardAcls: models.DashboardAccessControls{
+		DenyDashboardAccess: true,
+		NetworkLevelAccess:  make(map[models.NetworkID]models.NetworkAccessControls),
+	},
+}
+
+func init() {
+	d, _ := json.Marshal(SuperAdminPermissionTemplate)
+	database.Insert(SuperAdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
+	d, _ = json.Marshal(AdminPermissionTemplate)
+	database.Insert(AdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
+	d, _ = json.Marshal(NetworkAdminPermissionTemplate)
+	database.Insert(NetworkAdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
+	d, _ = json.Marshal(NetworkUserPermissionTemplate)
+	database.Insert(NetworkUserPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
+}
--- a/models/user_mgmt.go
+++ b/models/user_mgmt.go
@ -2,6 +2,7 @@ package models

 type NetworkID string
 type RsrcID string
+type UserRole string

 const (
 	HostRsrc           RsrcID = "host"
@ -11,8 +12,20 @@ const (
 	EgressGwRsrc       RsrcID = "egress"
 )

+// Pre-Defined User Roles
+
+const (
+	SuperAdminRole UserRole = "super_admin"
+	AdminRole      UserRole = "admin"
+	NetworkAdmin   UserRole = "network_admin"
+	NetworkUser    UserRole = "network_user"
+)
+
+func (r UserRole) String() string {
+	return string(r)
+}
+
 type NetworkRsrcPermissions struct {
-	All    bool `json:"all"`
 	Create bool `json:"create"`
 	Read   bool `json:"read"`
 	Update bool `json:"update"`
@ -26,11 +39,13 @@ type NetworkAccessControls struct {
 }

 type DashboardAccessControls struct {
-	FullAccess         bool                                `json:"full_access"`
-	NetworkLevelAccess map[NetworkID]NetworkAccessControls `json:"network_access_controls"`
+	FullAccess          bool                                `json:"full_access"`
+	DenyDashboardAccess bool                                `json:"deny_dashboard_access"`
+	NetworkLevelAccess  map[NetworkID]NetworkAccessControls `json:"network_access_controls"`
 }

 type UserPermissionTemplate struct {
-	ID            string                  `json:"id"`
+	ID            UserRole                `json:"id"`
+	Default       bool                    `json:"default"`
 	DashBoardAcls DashboardAccessControls `json:"dashboard_access_controls"`
 }